HTTP: Dangerous ClassID in ActiveX Object Type 41
This signature detects Web pages containing dangerous ActiveX CLSID references. Malicious Web sites can exploit a known vulnerability in Internet Explorer and gain control of client browsers.
Extended Description
Microsoft Internet Explorer is prone to a buffer overflow vulnerability that is related to instantiation of COM objects. Successful exploitation could let remote attackers execute arbitrary code in the context of the currently logged in user on the affected computer. This is a variant of the vulnerability described in BID 14511 Microsoft Internet Explorer COM Object Instantiation Buffer Overflow Vulnerability. The difference between this issue and BID 14511 is that a different set of COM objects are affected that were not addressed in the previous BID.
Affected Products
Avaya s8100_media_servers,Microsoft visio_2002
Short Name
HTTP:STC:CLSID:ACTIVEX:AX-41
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
41 ActiveX CVE-2005-2127 ClassID Dangerous Object Type bid:15061 in
Release Date
08/17/2005
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
False Positive
Unknown
Vendors
Nortel_networks
Ati
Microsoft
Avaya
CVSS Score
7.5